Bitcoin Miners Bundled With PUPs In Legitimate Applications Backed By EULA

hypnosec writes "Bitcoin miners are being integrated with third party potentially unwanted programs (PUPs) that come bundled with legitimate applications. These miners surreptitiously carry out Bitcoin mining operations on the user's system consuming valuable CPU time without explicitly asking for user's consent. Malwarebytes, the company which found evidence of these miners, first came across such an instance of a Bitcoin miner when one of the users of its software requested for assistance on November 22 through a forum post. The user revealed that 'jh1d.exe' was taking up over 50 percent of the CPU resource and even after manual deletion the executable was re-appearing. Malwarebytes dug deeper into this and found traces of a miner 'jhProtominer,' a popular mining software that runs via the command line". However, it seems that the company behind the application has a specific clause 3 in EULA that talks about mathematical calculations similar to Bitcoin mining operation. This means that the company behind the software can and will install Bitcoin miners and use system resources to perform operations as required to mine Bitcoins and keep the rewards for themselves."

One Word: CNet

[Frosty+Piss]

End users need to learn to be responsible for their own systems.

True to a certain extent. But think about downloads from CNet.

Isn't CNet a trustworthy source? No? It certainly LOOKS like a trustworthy source. It's not a warez site, right?

But of course most /. folks know otherwise, we know that CNet is one the major sources of malware.

Also, please remember that not everyone who uses a computer is an "IT pro". This should not be necessary to avoid shit like this crap.